bash

bash
#!/usr/bin/env bash
set -euo pipefail

export VAULT_ADDR="https://vault.internal:8200"
export VAULT_TOKEN="${VAULT_TOKEN:?missing VAULT_TOKEN}"

Secrets management with environment isolation and Vault

secrets-management vault environment-variables
by Kai Nakamura 1 tab
bash
#!/usr/bin/env bash
set -euo pipefail

find / -perm -4000 -type f 2>/dev/null | sort
sudo -l
find /etc/systemd/system -type f -writable 2>/dev/null

Linux privilege escalation checks for suspicious local state

privilege-escalation linux auditing
by Kai Nakamura 1 tab
bash
#!/usr/bin/env bash
set -euo pipefail

# ==========================================================
# Production Incident Response Runbook
# ==========================================================

Incident response runbook and diagnostic scripts

incident-response sre production
by Ryan Nakamura 1 tab
bash
#!/usr/bin/env bash
set -euo pipefail

bundle exec bundler-audit check --update
npm audit --audit-level=high
pip-audit --strict

Dependency vulnerability scanning for Ruby and Node projects

dependency-scanning supply-chain ruby
by Kai Nakamura 1 tab
yaml
# Install cert-manager (Helm)
# helm install cert-manager jetstack/cert-manager #   --namespace cert-manager #   --create-namespace #   --set installCRDs=true

---
# ClusterIssuer for Let's Encrypt (staging)
apiVersion: cert-manager.io/v1

SSL/TLS certificates with Lets Encrypt and cert-manager

ssl tls certificates
by Ryan Nakamura 2 tabs
bash
#!/usr/bin/env bash
# Docker Networking Modes & Configuration

# === List networks ===
docker network ls
docker network inspect bridge

Docker networking: bridge, host, and overlay networks

docker networking containers
by Ryan Nakamura 1 tab
bash
#!/usr/bin/env bash
nmap -Pn -sV -O --top-ports 1000 10.10.20.15
nmap -Pn -sC -sV api.internal.example.com
nmap -Pn -sU --top-ports 50 dns.internal.example.com

Nmap reconnaissance profiles for safe internal assessments

nmap reconnaissance pentesting
by Kai Nakamura 1 tab
bash
#!/usr/bin/env bash
set -euo pipefail

OUT="/tmp/incident-$(date +%Y%m%d-%H%M%S)"
mkdir -p "$OUT"

Forensic collection script for volatile host evidence

forensics incident-response linux
by Kai Nakamura 1 tab
bash
#!/usr/bin/env bash
set -euo pipefail

# Container Registry Management & Image Lifecycle

# ============================================

Container registry management and image lifecycle

docker registry ecr
by Ryan Nakamura 1 tab
blade
{{-- resources/views/errors/503.blade.php --}}
<!DOCTYPE html>
<html>
<head>
    <title>Maintenance Mode</title>
    <style>

Laravel maintenance mode and health checks

laravel maintenance health-checks
by Carlos Mendez 3 tabs
bash
#!/usr/bin/env bash
dnssec-keygen -a ECDSAP256SHA256 -b 2048 -n ZONE example.com
dnssec-signzone -A -3 $(head -c 32 /dev/urandom | sha256sum | cut -d' ' -f1) -N increment -o example.com db.example.com

DNSSEC zone signing basics for integrity of DNS answers

dnssec dns integrity
by Kai Nakamura 1 tab
hcl
# Configure Terraform
terraform {
  required_version = ">= 1.6.0"

  required_providers {
    aws = {

Terraform basics: providers, resources, and state

terraform iac devops
by Ryan Nakamura 3 tabs